1 /*
2  * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include "bsv_defs.h"
8 #include "bsv_error.h"
9 #include "secureboot_stage_defs.h"
10 #include "bootimagesverifier_error.h"
11 
12 #include "common_cert_parser.h"
13 #include "cc_pal_log.h"
14 
15 #include "secdebug_api.h"
16 #include "secdebug_defs.h"
17 
18 /*
19 #define KEY_CERT_SIZE               (sizeof(KeyCert_t))
20 #define CERT_SIGNATURE_SIZE         (sizeof(CCSbSignature_t))
21 #define ENABLER_CERT_SIZE           (sizeof(EnablerCertMain_t))
22 #define ENABLER_CERT_HEADER_SIZE        (sizeof(EnablerCertHeader_t))
23 #define ENABLER_CERT_HEADER_SIZE_WORDS      (ENABLER_CERT_HEADER_SIZE/CC_32BIT_WORD_SIZE)
24 #define DEVELOPER_CERT_SIZE         (sizeof(DeveloperCertMain_t))
25 #define DEVELOPER_CERT_HEADER_SIZE      (sizeof(DeveloperCertHeader_t))
26 #define DEVELOPER_CERT_HEADER_SIZE_WORDS    (DEVELOPER_CERT_HEADER_SIZE/CC_32BIT_WORD_SIZE)
27 #define MASK_WORD_ALIGN             (CC_32BIT_WORD_SIZE-1)
28 */
29 
30 /**
31    @brief This function copy N, Np (CCSbNParams_t) and signature
32    (certificate start address + sizeof certificate in certificate header) from the certificate to workspace.
33    Return pointer to certificate header CCSbCertHeader_t, and pointer to cert body sizeof()
34 
35  */
CCCertFieldsParse(BufferInfo32_t * pCertInfo,BufferInfo32_t * pWorkspaceInfo,CertFieldsInfo_t * pCertFields,uint32_t ** ppCertStartSign,uint32_t * pCertSignedSize,BufferInfo32_t * pX509HeaderInfo)36 CCError_t CCCertFieldsParse(BufferInfo32_t  *pCertInfo,
37                             BufferInfo32_t  *pWorkspaceInfo,
38                             CertFieldsInfo_t  *pCertFields,
39                             uint32_t    **ppCertStartSign,
40                             uint32_t    *pCertSignedSize,
41                             BufferInfo32_t  *pX509HeaderInfo)
42 {
43         uint8_t *pPubKey = NULL;
44         uint8_t *pSignature = NULL;
45         uint32_t  certSignedSize = 0;
46         workspaceInt_t  *lpWorkspaceInt;
47 
48         /* Fields used only for X509 */
49         CC_UNUSED_PARAM(pX509HeaderInfo);
50 
51         if ((pWorkspaceInfo == NULL) ||
52             (pWorkspaceInfo->pBuffer == NULL) ||
53             (pWorkspaceInfo->bufferSize < sizeof(workspaceInt_t))) {
54                 CC_PAL_LOG_ERR("workspace and or sizes illegal\n");
55                 return CC_BSV_ILLEGAL_INPUT_PARAM_ERR;
56         }
57         lpWorkspaceInt = (workspaceInt_t  *)(pWorkspaceInfo->pBuffer);
58 
59         /* Verify the cert size (from the header), certSize is constant according to MAX certificate size. */
60         UTIL_MemCopy((uint8_t *)&pCertFields->certHeader, (uint8_t *)pCertInfo->pBuffer, sizeof(CCSbCertHeader_t));
61         certSignedSize = pCertFields->certHeader.certSize * CC_32BIT_WORD_SIZE;
62         if (certSignedSize > pCertInfo->bufferSize - sizeof(CCSbSignature_t)) {
63                 CC_PAL_LOG_ERR("certSignedSize illegal 0x%x, certSize  0x%x, sizeof(CCSbSignature_t) 0x%x,\n", certSignedSize, pCertInfo->bufferSize, sizeof(CCSbSignature_t));
64                 UTIL_MemSet((uint8_t *)&pCertFields->certHeader, 0, sizeof(CCSbCertHeader_t));
65                 return CC_BSV_ILLEGAL_INPUT_PARAM_ERR;
66         }
67 
68         /* Parse and set the pointers */
69         pCertFields->pCertBody = (uint8_t *)((unsigned long)pCertInfo->pBuffer + sizeof(CCSbCertHeader_t) + sizeof(CCSbNParams_t));
70         pCertFields->certBodySize = pCertInfo->bufferSize - (sizeof(CCSbCertHeader_t) + sizeof(CCSbNParams_t) + sizeof(CCSbSignature_t));
71         pPubKey = (uint8_t *)((unsigned long)pCertInfo->pBuffer + sizeof(CCSbCertHeader_t));
72         pSignature = (uint8_t *)((unsigned long)pCertInfo->pBuffer + certSignedSize);
73         /* copy N and Np into workspace */
74         UTIL_MemCopy((uint8_t *)&lpWorkspaceInt->pubKey, pPubKey, sizeof(CCSbNParams_t));
75         /* copy signature into workspace */
76         UTIL_MemCopy((uint8_t *)&lpWorkspaceInt->signature, pSignature, sizeof(CCSbSignature_t));
77         *ppCertStartSign = pCertInfo->pBuffer;
78         *pCertSignedSize = certSignedSize;
79 
80 
81         return CC_OK;
82 }
83 
CCCertGetUnsignedDataOffset(uint32_t * pCert,uint32_t * pUnsignedDataOffset)84 uint32_t CCCertGetUnsignedDataOffset(uint32_t *pCert,
85                      uint32_t *pUnsignedDataOffset)
86 {
87         CCSbCertHeader_t *pCertHeader = (CCSbCertHeader_t *)pCert;
88 
89     if ((pCert == NULL)||(pUnsignedDataOffset == NULL)){
90         return CC_BOOT_IMG_VERIFIER_INV_INPUT_PARAM;
91     }
92 
93         *pUnsignedDataOffset = (pCertHeader->certSize + SB_CERT_RSA_KEY_SIZE_IN_WORDS);
94 
95         return CC_OK;
96 }
97 
98 
99